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Please amend the claims as follows: 

1. (Amended) A method for preventing a» hostile use of computer resources by an 
application running on a workstation, comprising th e st e ps of : 

a) providing a list of services that are not allowed for access by unspecified applications; 

b) when such unspecified application runs on the workstation, preventing said 
application from accessing any resource directly; 

c) analyzing any direct or indirect request for access to specific services, to determine 
whether such request is allowable according to the list defined under a) above; 

d) if the request is allowable, allowing the workstation to process it; and 

e) if the request is not allowable, preventing the unspecified application from accessing 
the requested resource; 

wherein said resource may be any local or remote resource, including, but not limited to, 
memory allocation, files, directories, operations with files and directories, such as copy, delete or 
compress, or any other operation leading to a permanent change in the workstation or its periphery. 

2. (Original) A method according to claim 1, wherein the list of services is provided as a 
look-up table. 

3. (Previously Amended) A method according to claim 2, wherein an unspecified 
application is an application which is not specifically identified in a pre-set list of applications. 
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4. (Original) A method according to claim 3, wherein the pre-set list of applications 
includes a list of resources which each application may utilize. 

5. (Amended) An agent for protecting a workstation against the hostile use of computer 
resources by an unspecified application running on said workstation, comprising: 

a) means for detecting an unspecified application running on the workstation; 

b) means for determining the requests for resources to be used by said unspecified 
application; 

c) means for identifying chain requests for resources utilization, wherein said chain 
requests comprise requests made by resources called by said unspecified application; 

d) means for determining whether requests made directly by said unspecified application 
are allowable; 

e) means for determining whether requests made indirectly, as chain requests, by said 
unspecified application would be not allowable if made directly by said unspecified application; and 

f) means for preventing said chain request from being processed, if it is determined that 
the request is not allowable, or that it would not be allowable if made directly by said unspecified 
application, and for allowing its processing if otherwise determined. 

6. (Original) An agent according to claim 5, wherein the means for determining whether 
requests made directly or indirectly by said unspecified application are allowable comprise a look-up 
table including a list of services that are not allowed for access by unspecified applications. 
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7. (Previously Amended) An agent according to claim 6, wherein said resource maybe 
any local or remote resource, including, but not limited to, memory allocation, files, directories, 
operations with files and directories, such as copy, delete, or compress, or any other operation 
leading to a permanent change in the workstation or its periphery. 

8. (Previously Amended) An agent according to claim 7, further comprising a pre-set list 
of applications including a list of resources which each application may utilize. 

9. (Previously Added) A method according to claim 1, wherein an unspecified 
application is an application which is not specifically identified in a pre-set list of applications. 

1 0. (Previously Added) A method according to claim 9, wherein the pre-set list of 
applications includes a list of resources which each application may utilize. 

1 1. (Previously Added) An agent according to claim 5, wherein said resource may 
be any local or remote resource, including, but not limited to, memory allocation, files, 
directories, operations with files and directories, such as copy, delete or compress, or any other 
operation leading to a permanent change in the workstation or its periphery. 

12. (Previously Added) An agent according to claim 1 1, further comprising a pre- 
set list of applications including a list of resources which each application may utilize. 
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13. (Previously Added) An agent according to claim 6, further comprising a pre-set 
list of applications including a list of resources which each application may utilize. 

14. (Previously Added) An agent according to claim 5, further comprising a pre-set 
list of applications including a list of resources which each application may utilize. 

1 5 . (New) A method for preventing hostile use of computer resources in a local network 
by an application running on a workstation in the local network, comprising: 

providing a list of computer resources that cannot be used by certain applications downloaded 
from outside the workstation; 

detennining whether computer resources in any direct or indirect request by the downloaded 
application to use computer resources is in said list of computer resources, such that said request is 
allowable; 

wherein if the request is allowable, allowing the workstation to use the computer resources 
requested; and 

wherein if the request is not allowable, preventing the workstation from using the computer 
resources requested. 

16. (New) A method according to claim 15, wherein the list of computer resources is 
provided as a look-up table. 

17. (New) A method according to claim 16, wherein the certain applications are 
applications not specifically identified in a pre-set list of applications. 
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18. (New) A method according to claim 17, wherein the pre-set list of applications 
includes a list of computer resources which each certain application may utilize. 

1 9. (New) An agent for preventing hostile use of computer resources in a local network 
by an application running on a workstation in the local network, comprising: 

means for detecting certain applications downloaded from outside the workstation; 
means for identifying direct requests by said certain applications to use the computer 
resources; 

means for identifying indirect requests by said certain applications to use the computer 
resources; 

means for determining whether direct requests by said certain applications are allowable; 

means for determining whether indirect requests by said certain applications would be 
allowable if made directly by said certain applications; and 

means for preventing said workstation from using the requested computer resources when at 
least one of said direct or indirect requests is determined not to be allowable. 

20. (New) An agent according to claim 19, wherein the means for determining whether 
requests made directly or indirectly by said certain applications are allowable comprise a look-up 
table including a list of computer resources that are not allowed for access by certain applications. 

21 . (New) An agent according to claim 20, wherein said computer resources comprise 
local network resources including workstation resources. 
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22. (New) An agent according to claim 21, further comprising a pre-set list of 
downloadable applications allowed to use computer resources, said pre-set list including a list of 
computer resources which each downloadable application may utilize. 

23 . (New) A method for preventing hostile use of computer resources in a local network 
by an application running on a workstation in the local network, comprising: 

providing a list of computer resources that are not allowed to be used by one or more 
applications downloaded from outside the workstation; 

determining whether any direct or indirect request by the one or more downloaded 
applications to use computer resources are allowable according to the list; 

allowing the workstation to process the direct or indirect request if the request is allowable; 

and 

preventing the workstation from processing the direct or indirect request if the request is not 
allowable. 

24. (New) A computer recording medium including computer executable code for 
preventing hostile use of computer resources by an application running on a workstation, 
comprising: 

code for providing a list of services that are not allowed for access by unspecified 

applications; 

code for when such unspecified application runs on the workstation, preventing said 
application from accessing any resource directly; 

code for analyzing any direct or indirect request for access to specific services, to 
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determine whether such request is allowable according to the list defined under a) above; 

code for if the request is allowable, allowing the workstation to process it; and 
code for if the request is not allowable, preventing the unspecified application from 

accessing the requested resource; 

wherein said resource may be any local or remote resource, including, but not limited to, 

memory allocation, files, directories, operations with files and directories, such as copy, delete or 

compress, or any other operation leading to a permanent change in the workstation or its periphery. 

25. (New) A computer recording medium including computer executable code for 
preventing hostile use of computer resources in a local network by an application running on a 
workstation in the local network, comprising: 

code for providing a list of computer resources that cannot be used by certain applications 
downloaded from outside the workstation; 

code for determining whether computer resources in any direct or indirect request by the 
downloaded application to use computer resources is in said list of computer resources, such that 
said request is allowable; 

wherein if the request is allowable, allowing the workstation to use the computer resources 
requested; and 

wherein if the request is not allowable, preventing the workstation from using the computer 
resources requested. 
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26. (New) A computer recording medium including computer executable code for 
preventing hostile use of computer resources in a local network by an application running on a 
workstation in the local network, comprising: 

code for providing a list of computer resources that are not allowed to be used by one or more 
applications downloaded from outside the workstation; 

code for determining whether any direct or indirect request by the one or more downloaded 
applications to use computer resources are allowable according to the list; 

code for allowing the workstation to process the direct or indirect request if the request is 
allowable; and 

code for preventing the workstation from processing the direct or indirect request if the 
request is not allowable. 
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